version 1.1390, 2016/07/03 11:20:30 |
version 1.1391, 2016/07/05 22:20:08 |
|
|
<p> |
<p> |
|
|
<ul> |
<ul> |
|
<!-- 2016-05-31 --> |
|
<li>Add support for using SRPs without the garbage collection machinery. |
|
<li>In <a href="http://man.openbsd.org/sshd.8">sshd(8)</a>: |
|
<ul> |
|
<li>Ensure that the client's proposed DH-GEX max value is at least as big as the minimum the server will accept. |
|
<li>Check min and max sizes sent by the client against what we support before passing them to the monitor. |
|
</ul> |
|
<li>Fix ptrace PT_WRITE_D that returned EFAULT (broken in src/sys/kern/sys_process.c r1.33). |
|
<li>In libexpat, fix CVE-2016-0718. |
|
<li>In <a href="http://man.openbsd.org/installboot.8">installboot(8)</a>, add support for armv7. |
|
<li>In binutils, port over the binutils fix for PR ld/3111: greatly speed up linking of object files that contain lots of dwarf2 symbols by caching symbol tables. |
|
<li>In <a href="http://man.openbsd.org/newfs.8">newfs(8)</a>, permit wxallowed on mfs. |
|
<li>In libedit, fix a crash that occurred when the history contained more than twice as many entries as the new limit. |
|
<li>Ensure that <a href="http://man.openbsd.org/softraid.4">softraid(4)</a> crypto is not run on the crypto taskq. |
|
<li>In <a href="http://man.openbsd.org/video.1">video(1)</a>, guard against using tp_start uninitialized in case no frame was grabbed in verbose mode. |
|
<li>Stop creating and inserting a route entry for ARP and ND automagically. |
|
<li>Flush dynamic route entries attached to an interface when its link state becomes DOWN. This should fix stale RTF_DYNAMIC routes when switching WiFi network during suspend/resume. |
|
<li>Plug a route entry leak triggered under memory pressure. |
|
<!-- 2016-05-30 --> |
|
<li>In <a href="http://man.openbsd.org/video.1">video(1)</a>, add In <a href="http://man.openbsd.org/mmap.2">mmap(2)</a> support for frame grabbing and make it default over <a href="http://man.openbsd.org/read.2">read.(2)</a> unless overriden by the -g flag. |
|
<li>Identify W^X labelled binaries at <a href="http://man.openbsd.org/execve.2">execve(2)</a> time based upon the WX_OPENBSD_WXNEEDED flag set by ld -zwxneeded. |
|
<li>In <a href="http://man.openbsd.org/sed.1">sed(1)</a>, fix a begin-of-word mismatch. |
|
<li>On amd64, include rdtsc in the rdrand callback. |
|
<li>Deal with interfaces removing the VLAN header before the packet has been feed to the pseudo-interfaces input handlers. |
|
<li>Update to freetype-doc 2.6.3. |
|
<!-- 2016-05-29 --> |
|
<li>In libc on i386, do setjmp cookies for eip, esp, and ebp. |
|
<li>In libc on mips64, do setjmp cookies for gp, sp, and ra. |
|
<li><font color="#e00000">5.8 and 5.9 RELIABILITY FIX: Bug in the libcrypto library when parsing certain ASN.1 elements.</font><br>A source code patch is available for <a href="errata58.html#015_crypto">5.8</a> and <a href="errata59.html#009_crypto">5.9</a>. |
|
<li>Update to xserver 1.18.3. |
|
<li>Update to freetype 2.6.3. |
|
<li>In <a href="http://man.openbsd.org/OpenBSD-current/man4/macppc/smu.4">smu(4/macppc)</a>, add support for new smu-firmware fan commands. |
|
<li>Update to mesa 11.2.2. |
|
<!-- 2016-05-28 --> |
|
<li>Fix a <a href="http://man.openbsd.org/pledge.2">pledge(2)</a> violation with "<a href="http://man.openbsd.org/ncheck_ffs">ncheck_ffs</a> /dev/tty". |
|
<li>In <a href="http://man.openbsd.org/ld.1">ld(1)</a>, implement -z wxneeded. |
|
<li>Fix a <a href="http://man.openbsd.org/pledge.2">pledge(2)</a> violation with "<a href="http://man.openbsd.org/pdisk.8">pdisk</a> /dev/tty". |
|
<li>Implement the fork+exec pattern in <a href="http://man.openbsd.org/smtpd.8">smtpd(8)</a>. |
|
<li>Fix <a href="http://man.openbsd.org/pledge.2">pledge(2)</a> issues in <a href="http://man.openbsd.org/growfs.8">growfs(8)</a>. |
|
<li>In <a href="http://man.openbsd.org/nc.1">nc(1)</a>: |
|
<ul> |
|
<li>Fix -verbose mode when used on a Unix domain socket. |
|
<li>Fix a <a href="http://man.openbsd.org/pledge.2">pledge(2)</a> violation when -P is used and a passwords needs to be supplied. |
|
</ul> |
|
<li>In <a href="http://man.openbsd.org/iwm.4">iwm(4)</a>, add support for Intel Wireless 3165 devices. |
|
<li>In <a href="http://man.openbsd.org/fsirand.8">fsirand(8)</a> and <a href="http://man.openbsd.org/fsck_msdos.8">fsck_msdos(8)</a>, fix a <a href="http://man.openbsd.org/pledge.2">pledge(2)</a> violation that can be triggered by using DIOCGDINFO on a file that is not a disk device. |
|
<li>In <a href="http://man.openbsd.org/disklabel.8">disklabel(8)</a>, don't crash if no filename is provided. |
|
<li>In <a href="http://man.openbsd.org/iwm.4">iwm(4)</a>, add support for Intel Wireless 8260 devices. |
|
<li>In <a href="http://man.openbsd.org/aucat.1">aucat(1)</a>, fix file block size rounding and ensure it's large enough to store a full audio block. |
|
<!-- 2016-05-27 --> |
|
<li>In the install script, set the "wxallowed" <a href="http://man.openbsd.org/mount.8">mount(8)</a> option for the filesystem /usr/local resides on. |
|
<li>No longer allow W^X violations by default. A kernel log message is generated, and <a href="http://man.openbsd.org/mprotect.2">mprotect(2)</a> and <a href="http://man.openbsd.org/mmap.2">mmap(2)</a> return ENOTSUP. If the kern.wxabort <a href="http://man.openbsd.org/sysctl.8">sysctl(8)</a> is set, a SIGABRT occurs instead. W^X-violating programs can be permitted per FFS/NFS filesystem, using the "wxallowed" <a href="http://man.openbsd.org/mount.8">mount(8)</a> option. |
|
<li>In <a href="http://man.openbsd.org/aucat.1">aucat(1)</a>, when resampling, use the exact resampling factor instead of the ratio between input and output block sizes. This change makes playback/recording rate match exactly the requested sample rate. |
|
<li>In <a href="http://man.openbsd.org/httpd.8">httpd(8)</a>, return 400 (Bad Request) instead of 500 (Internal Server Error) for requests not specifying the HTTP version. |
|
<!-- 2016-05-26 --> |
|
<li>When initializing the console, add a short delay so that baud rate changes on the console have a chance of working. This prevents the serial console on the APU from hanging when garbage is echoed to the tty. |
|
<li>In <a href="http://man.openbsd.org/procmap.1">procmap(1)</a>, reintroduce vnode-to-filename mapping. |
|
<li>In <a href="http://man.openbsd.org/rc.8">rc(8)</a>: |
|
<ul> |
|
<li>Skip library reordering if /usr/lib is on an NFS filesystem. |
|
<li>Temporarily remount read-write if /usr/lib is on a read-only FFS filesystem. |
|
</ul> |
|
<li>Make amaps use less kernel memory. This is achieved by grouping amap slots into chunks that are allocated on-demand by <a href="http://man.openbsd.org/pool.9">pool(9)</a>. |
|
<!-- 2016-05-25 --> |
|
<li>In <a href="http://man.openbsd.org/scp.1">scp(1)</a> and <a href="http://man.openbsd.org/sftp.1">sftp(1)</a>, prevent screwing up terminal settings by escaping bytes not forming ASCII or UTF-8 characters. |
|
<li>In <a href="http://man.openbsd.org/regex.3">regex(3)</a>, fix another one-byte buffer underflow (read access only). |
|
<li>Avoid a use-after-free in <a href="http://man.openbsd.org/ftp.1">ftp(1)</a>. |
|
<li>In <a href="http://man.openbsd.org/iwm.4">iwm(4)</a>, update to firmware API 16 and enable RTS/CTS frame protection. |
|
<!-- 2016-05-24 --> |
|
<li>In the armv7 install script, use efiboot when setting up the installed disk. |
|
<li>On octeon, prevent gather buffer starvation on currently supported systems. |
|
<!-- 2016-05-23 --> |
|
<li>In <a href="http://man.openbsd.org/acpitz.4">acpitz(4)</a>, disable active cooling trip points when we lack the right method to operate. |
|
<li>Place a cpu-dependent trap/illegal instruction over the remainder of the sigtramp page, so that it will generate a kernel fault if touched. |
|
<li>Remove the kern.random <a href="http://man.openbsd.org/sysctl.8">sysctl(8)</a>. |
|
<li>In <a href="http://man.openbsd.org/umsm.4">umsm(4)</a>, support the Airprime/Sierra AirCard 313U and the Netgear/Sierra AirCard 770S. |
|
<li>Various improvements to <a href="http://man.openbsd.org/ldpd.8">ldpd(8)</a>. |
|
<li>In binutils on sparc64, make the PLT read-only. This allows the kernel and ld.so to load binaries without violating W^X. |
|
<li>Add UTF-8 support to <a href="http://man.openbsd.org/fold.1">fold(1)</a>. |
|
<!-- 2016-05-22 --> |
|
<li>On macppc, use 64-bit integers to fix fan scaling calculations. |
|
<li>Build armv7 efiboot. |
|
<li>In libc on hppa, add XOR cookies for rp and sp. |
|
<li>In libc on powerpc, add XOR cookies for r1 (stack) and lr. |
|
<li>Avoid a uvm fault when pulling an msdos-formatted <a href="http://man.openbsd.org/umass.4">umass(4)</a> stick during mount while the USB stack is busy. |
|
<li>In <a href="http://man.openbsd.org/smtpd.8">smtpd(8)</a>, start work on improving the log format. |
|
<!-- 2016-05-21 --> |
|
<li>Build <a href="http://man.openbsd.org/eeprom.8">eeprom(8)</a> on armv7. |
|
<li>Implement <a href="http://man.openbsd.org/openprom.4">openprom(4)</a> for armv7. |
|
<li>Make <a href="http://man.openbsd.org/eeprom.8">eeprom(8)</a> -p print sensible numbers on little-endian platforms. |
|
<li>Remove the -x flag from <a href="http://man.openbsd.org/mount_msdos.8">mount_msdos(8)</a> and always assume the execute bit for readable directories subject to the mask option (-m). |
|
<li>Stop making files executable on msdosfs. |
|
<li>Fix a logic bug in DUID generation: we want to generate DUIDs until we have one that is not a duplicate and not a zero DUID. |
|
<li>In <a href="http://man.openbsd.org/ntpd.8">ntpd(8)</a>, harden TLS for constraints. |
|
<li>On armv7, dynamically attach <a href="http://man.openbsd.org/OpenBSD-current/man4/armv7/imxiic.4">imxiic(4/armv7)</a> and use the FDT to enumerate devices on i2c busses. The CuBox-i and Hummingboard now need to be booted with an FDT to see the RTC. |
|
<li>In <a href="http://man.openbsd.org/OpenBSD-current/man4/octeon/cnmac.4">cnmac(4/octeon)</a>, make the TX path MP-safe and add some ifq oactive logic. |
|
<!-- 2016-05-20 --> |
|
<li>On armv7, resolve problems with <a href="http://man.openbsd.org/OpenBSD-current/man4/armv7/ommmc.4">ommmc(4/armv7)</a> sometimes not attaching properly with recent u-boot versions. |
|
<li>On macppc, hook up <a href="http://man.openbsd.org/OpenBSD-current/man4/macppc/smu.4">smu(4/macppc)</a> to the thermal management framework. |
|
<li>On macppc, add a thermal management framework which controls the fan speed based on the temperature sensor values. |
|
<li>In the install script, log questions and answers during install/upgrade and mail them to the root user in a format usable as a response file for <a href="http://man.openbsd.org/autoinstall.8">autoinstall(8)</a>. |
|
<li>In libcrypto, fix a short-read bug in the previous version of asn1_d2i_read_bio. |
|
<!-- 2016-05-19 --> |
|
<li>On i386, split the ACPI resume trampoline into code and data pages, and protect with proper permissions. |
|
<li>Remove the net.inet6.ip6.v6only <a href="http://man.openbsd.org/sysctl.8">sysctl(8)</a>. |
|
<!-- 2016-05-18 --> |
|
<li><font color="#e00000">5.9 RELIABILITY FIX: Possible data corruption in <a href="http://man.openbsd.org/bnx.4">bnx(4)</a>.</font><br>A source code patch is available for <a href="errata59.html#008_bnx">5.9</a>. |
|
<li>In <a href="http://man.openbsd.org/ieee80211.9">ieee80211(9)</a>, in hostap mode, don't re-use association IDs (AIDs) of nodes which are still lingering in the node cache. This could cause an AID to be assigned twice. |
|
<!-- 2016-05-17 --> |
|
<li>Split the i386 mp hatch trampoline into code and data pages, and protect each with proper W^X policy. |
|
<li>On octeon, accept cnmac as a valid rootdev from uboot (e.g. rootdev=/dev/cnmac0). |
|
<li>Rework the fix to prevent a kernel crash when <a href="http://man.openbsd.org/sendsyslog.2">sendsyslog(2)</a> is called with LOG_CONS and the console device has not been intialized yet. |
|
<li>In <a href="http://man.openbsd.org/regex.3">regex(3)</a>, fix a one-byte buffer underflow (read access only). |
|
<li>Change the random event buffer from a queue to an endless ring so that no events are dropped when the queue is full. They are instead mixed into previous events. |
|
<li>Fix "<a href="http://man.openbsd.org/skeyinit.1">skeyinit</a> username" run as root. |
|
<li><font color="#e00000">5.8 and 5.9 SECURITY FIX: Insufficient checks in the <a href="http://man.openbsd.org/uvideo.4">uvideo(4)</a> V4L2 <a href="http://man.openbsd.org/ioctl.2">ioctl(2)</a> handling leak kernel memory contents to a local user.</font><br>A source code patch is available for <a href="errata58.html#014_uvideo">5.8</a> and <a href="errata59.html#007_uvideo">5.9</a>. |
|
<li>Completely skip link-layer address resolution and NUD on <a href="http://man.openbsd.org/gif.4">gif(4)</a>. |
|
<!-- 2016-05-16 --> |
|
<li>In <a href="http://man.openbsd.org/uvideo.4">uvideo(4)</a>, plug some holes in the V4L2 <a href="http://man.openbsd.org/ioctl.2">ioctl(2)</a> interfaces that would leak kernel memory to a local user. Also fix a potential integer overflow issue. |
|
<li>In <a href="http://man.openbsd.org/httpd.8">httpd(8)</a>, fix some file-descriptor leaks. |
|
<li>Enable the pcf8523 RTC on Hummingboard and CuBox-i. |
|
<li><font color="#e00000">5.9 RELIABILITY FIX: Issues in <a href="http://man.openbsd.org/smtpd.8">smtpd(8)</a>.</font><br>A source code patch is available for <a href="errata59.html#006_smtpd">5.9</a>. |
|
<li>In <a href="http://man.openbsd.org/smtpd.8">smtpd(8)</a>: |
|
<ul> |
|
<li>Fix a logic issue in the SMTP state machine that can lead to an invalid state and result in a crash. |
|
<li>Plug a file-pointer leak that can lead to resource exhaustion and result in a crash. |
|
</ul> |
|
<li>Have POSTREAD flush the D-cache. This eliminates random data corruption on the CuBox-i4Pro. |
|
<li>Add <a href="http://man.openbsd.org/pfcrtc.4">pfcrtc(4)</a>, a driver for the NXP PCF8523 Real Time Clock. |
|
<!-- 2016-05-15 --> |
|
<li>In <a href="http://man.openbsd.org/xge.4">xge(4)</a>, enable reception and transmission of Jumbo frames. |
|
<!-- 2016-05-14 --> |
|
<li>In <a href="http://man.openbsd.org/OpenBSD-current/man4/macppc/smu.4">smu(4/macppc)</a>, add support for pwm fans. |
|
<li>Initial stab at an EFI bootloader for armv7. |
|
<li>In <a href="http://man.openbsd.org/sysmerge.8">sysmerge(8)</a>, no longer handle /etc/example files. |
|
<!-- 2016-05-12 --> |
|
<li>In <a href="http://man.openbsd.org/install.1">install(1)</a>, add -F to call <a href="http://man.openbsd.org/fsync.2">fsync(2)</a> on the installed file right before closing it. |
|
<li>In <a href="http://man.openbsd.org/tmux.1">tmux(1)</a>, add -q to source-file to suppress errors about nonexistent files. |
|
<!-- 2016-05-11 --> |
|
<li>In <a href="http://man.openbsd.org/eigrpd.8">eigrpd(8)</a>, disable EIGRPv6 on an interface when it loses its link-local address. |
|
<li>Remove the hppa64 port. |
|
<li>Allow zaudio(4) to start when large blocks are requested. |
|
<li>Make the mips64 pmap MP-safe. |
|
<li>In <a href="http://man.openbsd.org/top.1">top(1)</a>, allow to filter process arguments if they are being displayed. |
|
<!-- 2016-05-10 --> |
|
<li>Avoid a kernel crash when <a href="http://man.openbsd.org/sendsyslog.2">sendsyslog(2)</a> is called with LOG_CONS and the console device has not been intialized yet. |
|
<li>Do SROP mitigation. sendsig() stores a cookie inside the sigcontext. <a href="http://man.openbsd.org/sigreturn.2">sigreturn(2)</a> checks the syscall entry was from the exact PC addr in the (per-process ASLR) sigtramp, verifies the cookie, and clears it to prevent sigcontext reuse |
|
<li>Try harder to avoid using random data on the disk as an inode, because FFS2 does lazy inode initialization. This avoids crashes when translating a bogus filehandle to a vnode. |
|
<!-- 2016-05-09 --> |
|
<li>Update to libexpat 2.1.1. |
|
<li>In <a href="http://man.openbsd.org/rcs.1">rcs(1)</a>, implement Mdocdate keyword substitution. |
|
<!-- 2016-05-08 --> |
|
<li>In imxesdhc(4), add DMA support. It uses ADMA2 "Internal DMA" that is compatible with the SD Host Controller standard. |
|
<li>In <a href="http://man.openbsd.org/chvgpio.4">chvgpio(4)</a>, add support for level, active low gpio interrupts. |
|
<li>In <a href="http://man.openbsd.org/wall.1">wall(1)</a>, enable UTF-8 detection in wall(1). This deliberately ignores UTF-8 characters and replaces them with a single question mark. |
|
<li>In <a href="http://man.openbsd.org/bytgpio.4">bytgpio(4)</a> and <a href="http://man.openbsd.org/chvgpio.4">chvgpio(4)</a>, add support for writing gpio pins. |
|
<li>In <a href="http://man.openbsd.org/ifconfig.8">ifconfig(8)</a>, stop printing the MPSAFE interface flag. It is a kernel-only hint and printing it only creates confusion. |
|
<!-- 2016-05-07 --> |
|
<li>Add <a href="http://man.openbsd.org/chvgpio.4">chvgpio(4)</a>, a driver for the GPIO controllers found on Intel's Cherry View SoC. |
|
<li>On powerpc, flush page (through the direct map) before mapping it into AGP. This fixes artifacts seen in X on some G5 machines. |
|
<li>In the <a href="http://man.openbsd.org/getpwnam.3">getpwnam(3)</a> family of functions, stop opening the shadow database by default. |
|
<li>In <a href="http://man.openbsd.org/tcpdump.8">tcpdump(8)</a>, print RA Route Information prefix, preference and lifetime. |
|
<li>Use a Thread Information Block in both single and multi-threaded programs. Make libpthread <a href="http://man.openbsd.org/dlopen.3">dlopen(3)</a>'able. |
|
<li>In <a href="http://man.openbsd.org/bytgpio.4">bytgpio(4)</a>, implement ACPI 5.0 GeneralPurposeIo OpRegion support. |
|
<li>Import Term::ReadKey 2.33. |
|
<!-- 2016-05-06 --> |
|
<li>In imxesdhc(4), add support for changing the bus width and set the 4-bit mode capability. |
|
<li>Make the imxesdhc(4) work on the cubox-i. |
|
<li>Revert the default cachepercent to 20. |
|
<li>In <a href="http://man.openbsd.org/tcpdump.8">tcpdump(8)</a>, print the router preference contained in RAs in verbose mode. |
|
<!-- 2016-05-05 --> |
|
<li>Fix efiboot not to hang with a disk whose block size is less than 512. |
|
<li>Fix packet corruption in <a href="http://man.openbsd.org/bnx.4">bnx(4)</a>. |
|
<li>Add Dual Data Rate support for eMMC at 52 MHz. |
|
<li>In <a href="http://man.openbsd.org/gcc.1">gcc(1)</a>, add support for named initializers for anonymous structs/unions. This is a C11 feature that is starting to get used in places such as Mesa. |
|
<li>In <a href="http://man.openbsd.org/midiplay.1">midiplay(1)</a>, fix one of the reads past the end of the buffer. |
|
<!-- 2016-05-04 --> |
|
<li>In <a href="http://man.openbsd.org/acpithinkpad.4">acpithinkpad(4)</a>, avoid a division by zero in <a href="http://man.openbsd.org/wsconsctl.8">wsconsctl(8)</a>. |
|
<li>In <a href="http://man.openbsd.org/dc.4">dc(4)</a>, cope with the broken DMA engine of the Davicom DM9102 found on some Sun sparc64 machines. |
|
<li>On sparc64, avoid having to panic on hardware with a broken DMA engine that attempts to read beyond the end of the buffer that was programmed. |
|
<li>Add initial support for MSI-X, only on amd64 for now. |
|
<li>In <a href="http://man.openbsd.org/ssh_config.5">ssh_config(5)</a>, add IdentityAgent. |
|
<li>In <a href="http://man.openbsd.org/sdmmc.4">sdmmc(4)</a>, add high-speed support for SD cards. This causes serious improvement in the read speeds. |
|
<li>In <a href="http://man.openbsd.org/bytgpio.4">bytgpio(4)</a>, don't mask pins configured as direct IRQ. This nbreaks the keyboard on the Asus x205ta. |
|
<!-- 2016-05-03 --> |
|
<li>In <a href="http://man.openbsd.org/ssh.1">ssh(1)</a>, fix overriding of StreamLocalBindMask and StreamLocalBindUnlink in Match blocks. |
|
<li>Stop using a soft-interrupt context to process incoming network packets. Use a new task that runs holding the KERNEL_LOCK to execute MP-unsafe code. |
|
<li><font color="#e00000">5.8 and 5.9 SECURITY FIX: Issues in the libcrypto library (CVE-2016-2108, CVE-2016-2107, CVE-2016-2105, CVE-2016-2106 and CVE-2016-2109). Refer to the <a href="https://www.openssl.org/news/secadv/20160503.txt">advisory</a>.</font><br>A source code patch is available for <a href="errata58.html#013_crypto">5.8</a> and <a href="errata59.html#005_crypto">5.9</a>. |
|
<li>In libssl, fix several issues: missing padding check in aesni functions, overflow in evp encode functions, and use of invalid negative asn.1 types. |
|
<li>Reduce the number of lookups to 1 for non-multicast traffic when <a href="http://man.openbsd.org/pf.4">pf(4)</a> is disabled. |
|
<li>In ssh, implement IUTF8 as per draft-sgtatham-secsh-iutf8-00. |
|
<!-- 2016-05-02 --> |
|
<li>In <a href="http://man.openbsd.org/telnet.1">telnet(1)</a>, don't check if the hostname is a fully qualified domain. This prevents <a href="http://man.openbsd.org/pledge.2">pledge(2)</a> "dns" issues. |
|
<li>In tmpfs, fix some issues regarding timestamp updating. |
|
<li>In ssh: |
|
<ul> |
|
<li>Support SHA256 and SHA512 RSA signatures in certificates. |
|
<li>Add support for additional fixed DH groups from draft-ietf-curdle-ssh-kex-sha2-03. |
|
</ul> |
|
<li>On arm and armv7, rework mainbus and implement simplebus to be able to span a tree-like topology based on device tree information. |
|
<!-- 2016-05-01 --> |
|
<li>In <a href="http://man.openbsd.org/OpenBSD-current/man4/armv7/ommmc.4">ommmc(4/armv7)</a>, add support for changing the bus width to ommmc and set the 4-bit mode capability. |
|
<li>Add bus width switching support for MMC. Enable 8-bit bus support on <a href="http://man.openbsd.org/sdhc.4">sdhc(4)</a> controllers that support it. This makes the raw transfer rate of the eMMC on the Lenovo Ideacentre Stick 300 go up to 40 MB/s. |
|
<li>In <a href="http://man.openbsd.org/sdhc.4">sdhc(4)</a>, fix the DMA issues on Bay Trail. |
|
<li>Add support for changing the bus width to the <a href="http://man.openbsd.org/sdmmc.4">sdmmc(4)</a> subsystem and the <a href="http://man.openbsd.org/sdhc.4">sdhc(4)</a> controller. Use this to switch SD cards to a 4-bit bus if they support it. |
|
<li>In <a href="http://man.openbsd.org/sppp.4">sppp(4)</a>, fix a bug causing breakage with LCP echoes. |
|
<li><font color="#e00000">5.9 RELIABILITY FIX: A problem in m_dup_pkt() can result in kernel crashes with <a href="http://man.openbsd.org/carp.4">carp(4)</a>.</font><br>A source code patch is available for <a href="errata59.html#004_mbuf">5.9</a>. |
<!-- 2016-04-30 --> |
<!-- 2016-04-30 --> |
<li>Convert <a href="http://man.openbsd.org/ldapd.8">ldapd(8)</a> to use the libtls API. |
<li>Convert <a href="http://man.openbsd.org/ldapd.8">ldapd(8)</a> to use the libtls API. |
<li>In <a href="http://man.openbsd.org/file.1">file(1)</a>, fix the default type to work properly. |
<li>In <a href="http://man.openbsd.org/file.1">file(1)</a>, fix the default type to work properly. |
<li>In <a href="http://man.openbsd.org/bytgpio.4">bytgpio(4)</a>, mask all gpio interrupts when attaching. This fixes interrupt storm on the Lenovo Ideacentre Stick 300. |
<li>In <a href="http://man.openbsd.org/bytgpio.4">bytgpio(4)</a>, mask all gpio interrupts when attaching. This fixes an interrupt storm on the Lenovo Ideacentre Stick 300. |
<li>In <a href="http://man.openbsd.org/sdhc.4">sdhc(4)</a> and <a href="http://man.openbsd.org/sdmmc.4">sdmmc(4)</a>: |
<li>In <a href="http://man.openbsd.org/sdhc.4">sdhc(4)</a> and <a href="http://man.openbsd.org/sdmmc.4">sdmmc(4)</a>: |
<ul> |
<ul> |
<li>Implement DMA support (only ADMA2 is supported). There is a remaining issue with simultaneous use of eMMC and external SD card on (some) Intel Bay Trail hardware. |
<li>Implement DMA support (only ADMA2 is supported). There is a remaining issue with simultaneous use of eMMC and external SD card on (some) Intel Bay Trail hardware. |
|
|
<li>In <a href="http://man.openbsd.org/ssh.1">ssh(1)</a>, close the ControlPersist background process stderr when the daemon is not in debug mode or when logging to a file or syslog (bz#1988). |
<li>In <a href="http://man.openbsd.org/ssh.1">ssh(1)</a>, close the ControlPersist background process stderr when the daemon is not in debug mode or when logging to a file or syslog (bz#1988). |
<!-- 2016-04-28 --> |
<!-- 2016-04-28 --> |
<li>In <a href="http://man.openbsd.org/MAKEDEV.8">MAKEDEV(8)</a>, replace /dev/bpf[0-9] with /dev/bpf and /dev/bpf0. |
<li>In <a href="http://man.openbsd.org/MAKEDEV.8">MAKEDEV(8)</a>, replace /dev/bpf[0-9] with /dev/bpf and /dev/bpf0. |
<li>If the attempt to broadcast a DHCPDISCOVER packet returns EAFNOSUPPORT, just print an error message and exit. |
<li>In <a href="http://man.openbsd.org/dhclient.8">dhclient(8)</a>, if the attempt to broadcast a DHCPDISCOVER packet returns EAFNOSUPPORT, just print an error message and exit. |
<li>In <a href="http://man.openbsd.org/OpenBSD-current/man8/i386/installboot.8">installboot(8/i386)</a>, plug a couple of leaks of input buffers. |
<li>In <a href="http://man.openbsd.org/OpenBSD-current/man8/i386/installboot.8">installboot(8/i386)</a>, plug a couple of leaks of input buffers. |
<li>In libssl, allow ^C to break operations such as reading passwords. |
<li>In libssl, allow ^C to break operations such as reading passwords. |
<li>In libssl, implement the IETF ChaCha20-Poly1305 cipher suites. The old Google implementation continues to be supported, but the ChaCha20-Poly1305 cipher suites names now refer to the ciphers from draft-ietf-tls-chacha20-poly1305-04. |
<li>In libssl, implement the IETF ChaCha20-Poly1305 cipher suites. The old Google implementation continues to be supported, but the ChaCha20-Poly1305 cipher suites names now refer to the ciphers from draft-ietf-tls-chacha20-poly1305-04. |
|
|
<!-- 2016-04-25 --> |
<!-- 2016-04-25 --> |
<li>In <a href="http://man.openbsd.org/rtsx.4">rtsx(4)</a>, match on RTS522A found in 2016 ThinkPads. |
<li>In <a href="http://man.openbsd.org/rtsx.4">rtsx(4)</a>, match on RTS522A found in 2016 ThinkPads. |
<li>Remove systrace support. |
<li>Remove systrace support. |
<li>In install script, when upgrading automatically run <a href="http://man.openbsd.org/sysmerge.8">sysmerge(8)</a> in batch mode before <a href="http://man.openbsd.org/fw_update.1">fw_update(1)</a>. |
<li>In the install script, when upgrading automatically run <a href="http://man.openbsd.org/sysmerge.8">sysmerge(8)</a> in batch mode before <a href="http://man.openbsd.org/fw_update.1">fw_update(1)</a>. |
<li>On macppc and socppc, don't check if the CPU is inside the idle loop when entering <a href="http://man.openbsd.org/ddb.4">ddb(4)</a>. This allows putting breakpoints in interrupt context and have them work if an interrupt fires while the CPU is idle. |
<li>On macppc and socppc, don't check if the CPU is inside the idle loop when entering <a href="http://man.openbsd.org/ddb.4">ddb(4)</a>. This allows putting breakpoints in interrupt context and have them work if an interrupt fires while the CPU is idle. |
<!-- 2016-04-24 --> |
<!-- 2016-04-24 --> |
<li>In <a href="http://man.openbsd.org/httpd.8">httpd(8)</a>, always pass the QUERY_STRING variable to the FastCGI handler. |
<li>In <a href="http://man.openbsd.org/httpd.8">httpd(8)</a>, always pass the QUERY_STRING variable to the FastCGI handler. |
|
|
<li>Update to tzdata2016b from ftp.iana.org. |
<li>Update to tzdata2016b from ftp.iana.org. |
<li>Allocate amap slots for a virtual memory range reserved with <a href="http://man.openbsd.org/sbrk.2">sbrk(2)</a> lazily. This avoids wasting kernel memory if the user process does not make use of the allocated memory. |
<li>Allocate amap slots for a virtual memory range reserved with <a href="http://man.openbsd.org/sbrk.2">sbrk(2)</a> lazily. This avoids wasting kernel memory if the user process does not make use of the allocated memory. |
<li>For amaps with only a few slots, allocate the slots via <a href="http://man.openbsd.org/pool.9">pool(9)</a>. This saves some memory and reduces kmem pressure. |
<li>For amaps with only a few slots, allocate the slots via <a href="http://man.openbsd.org/pool.9">pool(9)</a>. This saves some memory and reduces kmem pressure. |
<li><font color="#e00000">5.9 RELIABILITY FIX: Incorrect path processing in pledge_namei() could result in unexpectedprogram termination of <a href="http://man.openbsd.org/pledge.2">pledge(2)</a>'d programs.</font><br>A source code patch is available for <a href="errata59.html#003_pledge">5.9</a>. |
<li><font color="#e00000">5.9 RELIABILITY FIX: Incorrect path processing in pledge_namei() could result in unexpected program termination of <a href="http://man.openbsd.org/pledge.2">pledge(2)</a>'d programs.</font><br>A source code patch is available for <a href="errata59.html#003_pledge">5.9</a>. |
<li><font color="#e00000">5.7, 5.8 and 5.9 SECURITY FIX: Insufficient checks in IPv6 socket binding and UDP IPv6 option processing allow a local user to send UDP packets with a source (IPv6 address + port) already reserved by another user.</font><br>A source code patch is available for <a href="errata57.html#024_in6bind">5.7</a>, <a href="errata58.html#012_in6bind">5.8</a> and <a href="errata59.html#002_in6bind">5.9</a>. |
<li><font color="#e00000">5.7, 5.8 and 5.9 SECURITY FIX: Insufficient checks in IPv6 socket binding and UDP IPv6 option processing allow a local user to send UDP packets with a source (IPv6 address + port) already reserved by another user.</font><br>A source code patch is available for <a href="errata57.html#024_in6bind">5.7</a>, <a href="errata58.html#012_in6bind">5.8</a> and <a href="errata59.html#002_in6bind">5.9</a>. |
<li>In <a href="http://man.openbsd.org/puc.4">puc(4)</a>, add support for the Exar XR17V354 device. |
<li>In <a href="http://man.openbsd.org/puc.4">puc(4)</a>, add support for the Exar XR17V354 device. |
<!-- 2016-03-14 --> |
<!-- 2016-03-14 --> |